Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
"The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD Report.html to measure the success of the enumeration attempt," Huntress…
"The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the enumeration attempt," Huntress researchers Jevon Ang and Dray Agha said.
The attack chain involved the threat actor establishing Remote Desktop Protocol (RDP) access onto a domainjoined Windows Server with a set of precompromised credentials, followed by staging the tools in the "C:\ProgramData" folder. The incident took place in early June 2026.
This included an artificial intelligence (AI)generated payload to map the Active Directory environment. The assessment is based on various telltale signs, such as the prompt iteration title, placeholder strings, overengineered code that features multiple methods to find a Domain Controller, and beautified console output using cyan, green, red, and yellow.
Huntress described the bespoke PowerShell script as "highly aggressive" and "noisy," making use of a "fivestep cascading fallback mechanism" to enable reconnaissance and discovery. It's titled "100% Working AD Information Gathering Script FULLY FIXED," suggesting a backandforth with a large language model (LLM).
Once the primary Domain Controller is located, it initiates a data collection routine to systematically harvest AD users, computers, groups, organizational units (OUs), and trusts, and store the details in a staging directory.
About 30 minutes later, the attacker moved to deploy a s5cmd, a legitimate tool used for bulk file operations, along with SharpShares, a C#based network shares enumeration utility, to look for useraccessible data repositories.
In the final stage, the data is said into CSV files, archived, and exfiltrated to a remote server, but not before creating an HTML file summarizing the data theft in the form of an Active Directory Inventory Report.
"It's likely a 'helpful' inject from the LLM that the attacker simply went along with, rather than being intentionally authored into the script," the researchers explained.
The development is yet another sign that threat actors are augmenting their arsenal with vibecoded malware generated with assistance from AI models, even if the technology isn't being abused in ways not seen before. What it does change is that it lowers the barrier to entry for cybercrime, permitting lessskilled actors to come up with highly capable, evasive tooling with minimal effort.
"The underlying attack chain still resembles the triedandtested smashandgrab playbook we've seen for years," Huntress said. "This core methodology has remained consistent, but it is now being selectively augmented by AI. This hybrid approach prioritises aggression and speed over stealth, allowing threat actors to execute highly damaging campaigns faster than ever."
AI as a Force Multiplier
In a report published last week, Sygnia revealed that AIenabled attackers do not necessarily need novel malware or zerodays, but that the real shift lies in the fact that cyber intrusions can be orchestrated at a speed and scale faster and bigger than defenders can contain them.
The incident response company said it observed an AIassisted cloud attack that progressed from initial access to broad compromise within a span of about 72 hours against a large Amazon Web Services (AWS)based environment. The end goal of the activity is assessed to be financially motivated, with the attacker using the access to the victim's cloud infrastructure for use as leverage for extortion.
"The threat actor repeatedly leveraged newly acquired credentials to restart discovery, secrets harvesting, persistence, and impact activities," it said. "The attack relied on familiar cloud techniques rather than novel malware or zerodays."
"The threat actor was not exploiting a single misconfiguration; they were chaining weaknesses across application services, AWS resources, sourcecontrol repositories, CI/CD workflows, runtime components, and data stores, while rapidly executing credential discovery, secrets harvesting, cloud enumeration, deploymentpipeline abuse, runtime modification, database access, and operational disruption."
The attacker, per Sygnia, entailed repeated attempts to establish persistence on the compromised hosts, obtaining the access key to one of the AWS accounts through shortcomings in an internetfacing application. Each new access was followed by renewed enumeration, additional secret collection, persistence attempts by creating access keys and IAM users, and data exfiltration. At the same time, several attackercreated artifacts were masked as a pentest or a red teaming exercise.
To further exert pressure on victims, the attacker performed a series of actions
Denying access to S3 buckets
Limiting ECS services or containers to a maximum capacity of zero
Creating ACL rules to block network access
Purging SQS queues
"The significance was not that AI introduced new attack techniques, as every observed action mapped to longestablished adversary behaviors, but that it reduced the time and effort required to operationalize those techniques across a complex environment," Sygnia pointed out.
"The threat actor repeatedly converted newly obtained access into tailored action. For each new access key, the actor appeared to quickly determine the associated permissions, reachable resources, and most valuable next steps."
Related Articles
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling
Each read gets pinned to the moment it happened: the time, your location, what you were doing, even how you were using your phone. Some versions in the filing would listen all day; others would check in only at set…
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots
On the flight home, I picked up a book I had not touched in a few years. Daniel Kahneman's Thinking, Fast and Slow. Kahneman is one of the rare people who genuinely changed how we understand human decisionmaking. He…
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing lures that make use of legitimate email delivery infrastructure, such as Amazon Simple Email Service (Amazon SES)…